Retailers are using mobile-based technology to track shoppers' movements at some malls and stores. The companies collecting the information say it's anonymous, can't be traced to a specific person and no one should worry about invasion of privacy. But consumer advocates aren't convinced. It's spying, they say, and shoppers should be informed their phones are being observed and then be able choose whether to allow it.

The Federal Trade Commission held a workshop Wednesday on the issue, and FTC attorney Amanda Koulousias says the commission wants to better understand how companies are using phone-location technology, how robust privacy controls are and whether shoppers are notified in advance.

Here's how the technology works: Your smartphone has a unique identifier code — a MAC address — for Wi-Fi and Bluetooth. It's a 12-character string of letters and numbers, but not linked to personal information. The numbers and letters link only to a specific phone.

When your smartphone is turned on, it sends out signals with that MAC address as it searches for Wi-Fi or Bluetooth. Those signals can also be captured by sensors in stores that could tell a department store how often shoppers visit, how long they stay and more detailed information.

Companies that provide "mobile location analytics" to retailers, grocery stores, airports and others say they capture the MAC addresses of shoppers' phones but then scramble them into different sets of numbers and letters to conceal the original addresses — a process called hashing. The companies then analyze all the information as shoppers move from store to store in a mall, or department to department in a store.

And that could reveal data that people may not want to share. While not necessarily worried about foot traffic at a mall, Schoen raised concerns about down-the-road scenarios, like apps that could track where a person goes, whom that person is with — possibly the kind of information a divorce lawyer or law enforcement might seek.